Re: [sidr] Signed vs unsgned and bgp best path decision
Robert Raszuk <robert@raszuk.net> Thu, 22 March 2012 23:28 UTC
Return-Path: <robert@raszuk.net>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7AA4521F84FB for <sidr@ietfa.amsl.com>; Thu, 22 Mar 2012 16:28:18 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.547
X-Spam-Level:
X-Spam-Status: No, score=-2.547 tagged_above=-999 required=5 tests=[AWL=0.052, BAYES_00=-2.599]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id a9PQLkXXvl0A for <sidr@ietfa.amsl.com>; Thu, 22 Mar 2012 16:28:18 -0700 (PDT)
Received: from mail1310.opentransfer.com (mail1310.opentransfer.com [76.162.254.103]) by ietfa.amsl.com (Postfix) with ESMTP id B10B521F84F6 for <sidr@ietf.org>; Thu, 22 Mar 2012 16:28:17 -0700 (PDT)
Received: (qmail 26691 invoked by uid 399); 22 Mar 2012 23:28:17 -0000
Received: from unknown (HELO ?192.168.1.57?) (pbs:robert@raszuk.net@83.31.183.245) by mail1310.opentransfer.com with ESMTPM; 22 Mar 2012 23:28:17 -0000
X-Originating-IP: 83.31.183.245
Message-ID: <4F6BB594.5040202@raszuk.net>
Date: Fri, 23 Mar 2012 00:28:20 +0100
From: Robert Raszuk <robert@raszuk.net>
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:11.0) Gecko/20120312 Thunderbird/11.0
MIME-Version: 1.0
To: Ruediger Volk <rv@NIC.DTAG.DE>
References: <19249.1332451876@x37.NIC.DTAG.DE>
In-Reply-To: <19249.1332451876@x37.NIC.DTAG.DE>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: "sidr@ietf.org list" <sidr@ietf.org>
Subject: Re: [sidr] Signed vs unsgned and bgp best path decision
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: robert@raszuk.net
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 22 Mar 2012 23:28:18 -0000
Hello Ruediger, Many thx for your reply. > don't interfere with whatever chaos (you think) the operator is working with. By chaos I meant complete autonomous selection of what paths are preferred to be chosen as best on an AS by AS basis. In the case of mixed SIGNED and UNSIGNED paths being consider in this _local_ decision as you stated it seems to me just like it is the case with bad uncorrelated policies more harm can be accomplished then good. Are you guaranteeing that such local autonomy how to prefer signed vs unsigned paths is safe in the bigger picture ? > Just provide the operator with trustworthy information While signed BGP information may be made trustworthy I think the end goal is that your customers will get service they pay for meaning that their packets will reach the destination. How singed BGP updates are sufficient to accomplish such goal if anyone on the path by simple static route may overwrite directly in the data plane such trustworthy information and redirect your customer packets left and right without you knowing about it ? Note that such overwrite would not happen if BGP would _always_ advertise only RIB/FIB active routes, but we all know that this is not always the case in some major implementations. Regards, R.
- [sidr] route leaks message to IDR Murphy, Sandra
- Re: [sidr] route leaks message to IDR Sriram, Kotikalapudi
- Re: [sidr] route leaks message to IDR George, Wes
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Murphy, Sandra
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Murphy, Sandra
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Sriram, Kotikalapudi
- Re: [sidr] route leaks message to IDR Murphy, Sandra
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Russ White
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Stephen Kent
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Eric Osterweil
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Shane Amante
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Robert Raszuk
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- Re: [sidr] route leaks message to IDR Murphy, Sandra
- Re: [sidr] route leaks message to IDR Christopher Morrow
- Re: [sidr] route leaks message to IDR Jay Borkenhagen
- Re: [sidr] route leaks message to IDR Jay Borkenhagen
- Re: [sidr] route leaks message to IDR Montgomery, Douglas
- [sidr] Signed vs unsgned and bgp best path decisi… Robert Raszuk
- Re: [sidr] route leaks message to IDR Brian Dickson
- Re: [sidr] route leaks message to IDR Jay Borkenhagen
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] route leaks message to IDR Randy Bush
- Re: [sidr] Signed vs unsgned and bgp best path de… Ruediger Volk
- Re: [sidr] Signed vs unsgned and bgp best path de… Robert Raszuk
- Re: [sidr] Signed vs unsgned and bgp best path de… Christopher Morrow
- Re: [sidr] Signed vs unsgned and bgp best path de… Jakob Heitz
- Re: [sidr] Signed vs unsgned and bgp best path de… Robert Raszuk
- Re: [sidr] Signed vs unsgned and bgp best path de… Christopher Morrow
- Re: [sidr] Signed vs unsgned and bgp best path de… Robert Raszuk
- Re: [sidr] Signed vs unsgned and bgp best path de… Christopher Morrow